Decrypting SSL to Chinese Cloud Servers - Hacking the VStarcam CB73 Security Camera

This is my favorite newly discovered Youtube channel. I watch every video as soon as they drop. Keep it up Matt!

Helped a friend set up a 6 camera system. He bought 4 reputable cams and two cheapies. We configured all cams to shut off any and all cloud services. All were set with static IP, gateway, NTP server, and NO dns. The four reputable ones generate zero unexpected traffic. The two cheapies? Constant flow of connection attempts to cn owned IPs, as well as dns requests to google DNS IPs (apparently hard coded). Nothing goes anywhere since they're on a segregated VLAN with no outside access... but the firewall packet counters are in the millions.

this is the content we need more of, keep it up matt this is legitimately great stuff

You are wonderful! A couple of months ago my work was throwing out old IP cams and I asked to have one because I was super interested in hooking it up and digging into everything that’s on it that the user doesn’t get to typically see. The camera is a Vstarcam. How lucky am I that an expert like yourself is doing exactly what I (an absolute amateur) was wanting to do on this brand of ip cam!

I’m not a hacker and have zero Linux knowledge but this stuff and how you present it is fascinating to me regardless. Thanks for taking the time to setup these demonstrations and so clearly explain what is a very deep understanding of these devices.

This is some really cool content. I would highly recommend a brief intro with some bullets on what you are going to attempt and then as part of the outro, provide a summary of what you discovered. It would really help tie everything together.

Yooooooo, You just got a new sub. Lovely vid. Love the work! ❤

loving the idea of letting peeps from the web fish around on the device and connect with you and others on discord ❤

Very cool. I look forward to part2.

What awesome content again thanks matt❤❤

Love these videos! Keep it up!

I hit the like button 10 seconds into the video as I know I am in for a treat! Great work!

TLS encryption, in this case, is probably more about obscuring what this device is doing versus protecting the user's data.

This is great content. Have you tried this on any major brand name cameras like Blink or Ring?

Another Amazing Video Matt! Are you going to DC 32 this year?

Wonderful. Exactly answering some of the questions I had about some of my Chinesium security cameras. I really appreciate you going through this with live workflow. Keep up the good work.

Awesome video!

Love the homelab.

Thank you for letting us know. Having no certificate also means no certificate can expire. :-)

I have mad mad respect for this guy.